Run: PwnKit mitigation - Removing SUID permissions on pkexec - WITH MITIGATION
Log In or Register to download the BES file, and more.

0 Votes

Description


This task will remove the SUID-bit from pkexec file.
It is a generic command that can be deployed on all Linux-based endpoints
chmod 0755 /usr/bin/pkexec

You should favor patching the OS with the security update released by the vendor for any supported system, and only when this is not a viable solution, to use the mitigation approach.

Removing the SUID-bit form the pkexec file may have a negative impact on any applications.
Use this task to perform mitigation with care and test thoroughly in your environment.


Property Details

ID26905
StatusBeta - Preliminary testing ready for more
TitleRun: PwnKit mitigation - Removing SUID permissions on pkexec - WITH MITIGATION
DomainBESC
CategoryWorkaround
SourceCommunity Content
Source SeverityImportant
Source Release Date1/28/2022 12:00:00 AM
CVENamesCVE-2021-4034
KeywordsCVE-2021-4034 BETA
Added by on 2/1/2022 6:38:23 AM
Last Modified by on 2/1/2022 6:38:23 AM
Counters 1703 Views / 4 Downloads
User Rating 1 star 2 star 3 star 4 star 5 star * Average over 0 ratings. ** Log In or Register to add your rating.

Relevance

Used in 1 fixlet   * Results in a true/false
Show indented relevance
exists file "/usr/bin/pkexec" and mode of file "/usr/bin/pkexec" as string != "rwxr-xr-x"

Actions

Action 1 (default)

Action Link Click here to deploy this action.
Script Type BigFix Action Script
// Enter your action script here
wait "/bin/bash" -c "chmod 0755 /usr/bin/pkexec"
Success Criteria

This action will be considered successful when all lines of the action script have completed successfully.


Sharing

Social Media:
Share this page on Yammer

Comments

Log In or Register to leave comments!